$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa File: c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa (raw, json) Hash identifier: pQaTSFTzjfsMI9meGfme+/pl93WRKpzlHRr7I3s2vqI= Subject key identifier: 45:AB:AC:78:2D:5B:E3:43:58:5F:AE:2D:D5:8D:75:64:70:FB:F2:02 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5C6A7AAE959CA23EDD91BB74724E8798250B4955 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa Signing time: Tue 20 May 2025 00:00:35 +0000 ROA not before: Tue 20 May 2025 00:00:35 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:6a:7a:ae:95:9c:a2:3e:dd:91:bb:74:72:4e:87:98:25:0b:49:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 20 00:00:35 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=09a6964b13a9d4b56da94094964c49043db38c0bbf7f0fef48ee1caa00a1fd7b, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:17:88:67:ef:52:8d:75:41:bb:ba:b9:a1:7d: 81:a2:d6:85:69:d1:13:30:05:0e:3d:e2:1d:d7:19: d1:17:b6:e8:e3:74:ea:9e:6c:16:7a:ad:99:d8:74: 97:54:7d:8d:2b:5f:2f:84:c5:6c:5b:bc:d0:78:06: 50:43:c5:ba:de:d0:4b:41:3f:20:8a:1e:50:a2:c6: 4d:e9:a5:39:65:d0:b2:e8:53:8d:3e:d2:5d:01:45: 9d:aa:1f:35:53:f7:4c:76:85:d8:e2:9a:1d:af:11: b0:e9:92:8c:96:f2:f6:44:5f:ce:48:4c:48:7e:48: 96:a5:b1:fb:f5:a3:d8:8a:c8:07:0c:f0:d0:c2:ad: 5a:84:be:cc:59:bc:89:42:c6:7a:91:c4:d9:79:0e: 04:cc:a5:35:b8:32:a2:02:cd:2c:60:98:55:39:0f: c0:b7:67:6f:c3:ee:1c:81:ee:dc:c7:ab:dd:66:f7: 26:74:12:f8:9d:1a:28:a2:98:9e:4f:c7:5c:f7:1e: 1e:79:0c:d6:27:3f:1d:73:96:4e:20:03:ac:a9:1f: 22:50:31:07:9e:c6:95:c3:3e:bf:67:66:54:86:30: 1e:fe:82:4a:ca:4b:d2:53:1b:04:69:30:50:97:a8: f6:3b:76:a8:aa:20:89:80:ce:ed:13:e6:11:d5:ef: 14:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:AB:AC:78:2D:5B:E3:43:58:5F:AE:2D:D5:8D:75:64:70:FB:F2:02 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:40c0::/48 Signature Algorithm: sha256WithRSAEncryption a1:8a:be:5a:eb:35:75:1f:b5:07:88:e1:1f:5a:a1:22:c5:22: c4:84:7e:fb:a8:ce:4e:bf:2f:09:fc:40:2b:1f:23:06:8b:03: ca:cc:54:36:dd:71:4f:f1:bd:d3:96:79:62:b8:14:ae:b5:90: 02:e1:31:4d:23:cd:79:67:d7:47:1d:a4:ee:71:e7:6a:50:47: fc:9c:87:fa:95:35:ae:74:d3:30:c4:5e:80:ee:43:00:24:f0: a4:81:25:68:8c:95:00:ba:c1:53:f4:ef:a0:00:7d:73:c5:d8: 87:d4:4a:76:27:a3:f0:d4:f0:46:ed:a2:22:d9:5c:73:46:01: 99:81:a8:91:ab:2f:b2:c5:65:d6:1c:64:1d:a5:b2:b5:5b:75: 9a:bb:1e:91:03:4b:9a:4f:38:4e:cf:be:d4:b1:82:94:69:8a: 65:27:ed:01:6f:c7:4f:0a:da:ec:d4:c2:8c:2f:ed:a6:61:20: d9:0b:a3:c8:68:f7:62:54:1a:d7:a6:aa:3a:e3:a5:15:f2:f2: ef:10:9f:8b:e6:2e:36:f7:9e:d3:ec:bc:b3:09:9c:d8:00:d7: ca:ba:92:32:03:45:4b:ca:63:cf:df:c9:91:77:6d:7d:e7:35: dc:0a:fd:b6:21:03:d1:47:42:8a:b9:60:a4:00:cf:be:fd:70: fe:b3:43:ba -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXGp6rpWcoj7dkbt0ck6HmCULSVUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDUyMDAwMDAzNVoX DTI1MDYyNDIzNTk1OVowejFJMEcGA1UEBRNAMDlhNjk2NGIxM2E5ZDRiNTZkYTk0 MDk0OTY0YzQ5MDQzZGIzOGMwYmJmN2YwZmVmNDhlZTFjYWEwMGExZmQ3YjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmheIZ+9SjXVBu7q5oX2BotaFadET MAUOPeId1xnRF7bo43TqnmwWeq2Z2HSXVH2NK18vhMVsW7zQeAZQQ8W63tBLQT8g ih5QosZN6aU5ZdCy6FONPtJdAUWdqh81U/dMdoXY4podrxGw6ZKMlvL2RF/OSExI fkiWpbH79aPYisgHDPDQwq1ahL7MWbyJQsZ6kcTZeQ4EzKU1uDKiAs0sYJhVOQ/A t2dvw+4cge7cx6vdZvcmdBL4nRooopieT8dc9x4eeQzWJz8dc5ZOIAOsqR8iUDEH nsaVwz6/Z2ZUhjAe/oJKykvSUxsEaTBQl6j2O3aoqiCJgM7tE+YR1e8UbQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEWrrHgtW+NDWF+uLdWNdWRw+/ICMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M5ZjdkYmQyLTFjN2UtNDJlOC1hN2Y5LTAwYmQ3NmU3MDI0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0DAMA0GCSqGSIb3DQEBCwUAA4IBAQChir5a6zV1H7UHiOEf WqEixSLEhH77qM5Ovy8J/EArHyMGiwPKzFQ23XFP8b3TlnliuBSutZAC4TFNI815 Z9dHHaTucedqUEf8nIf6lTWudNMwxF6A7kMAJPCkgSVojJUAusFT9O+gAH1zxdiH 1Ep2J6Pw1PBG7aIi2VxzRgGZgaiRqy+yxWXWHGQdpbK1W3Waux6RA0uaTzhOz77U sYKUaYplJ+0Bb8dPCtrs1MKML+2mYSDZC6PIaPdiVBrXpqo646UV8vLvEJ+L5i42 957T7LyzCZzYANfKupIyA0VLymPP38mRd2195zXcCv22IQPRR0KKuWCkAM++/XD+ s0O6 -----END CERTIFICATE-----Generated at Mon Jun 2 04:41:16 2025 by rpki-client